Hi, I've recently considered writing something like the `max-src-conn' from OpenBSD's pf support in the netfilter. Just curious: Does anyone know about some piece of code or similar functionality in the netfilter's conntrack (in POM-ng, etc)? Am now considering writing something using CONNTRACK-API that I've seen last weekend on POM-ng. The `max-src-conn' semantics: ``max-src-nodes <number>''. >From the man page: "Limits the maximum number of source addresses which can simultaneously have state table entries". -- Felipe Kellermann
